20 Years Later, Creator of World's First Major Computer Virus Located in Manila (bbc.com) 100
"The man behind the world's first major computer virus outbreak has admitted his guilt, 20 years after his software infected millions of machines worldwide," reports the BBC:
Filipino Onel de Guzman, now 44, says he unleashed the Love Bug computer worm to steal passwords so he could access the internet without paying. He claims he never intended it to spread globally.
And he says he regrets the damage his code caused. "I didn't expect it would get to the US and Europe. I was surprised," he said in an interview for Crime Dot Com, a forthcoming book on cyber-crime.
The Love Bug pandemic began on 4 May, 2000. Victims received an email attachment entitled LOVE-LETTER-FOR-YOU. It contained malicious code that would overwrite files, steal passwords, and automatically send copies of itself to all contacts in the victim's Microsoft Outlook address book. Within 24 hours, it was causing major problems across the globe, reportedly infecting 45 million machines...
He claims he initially sent the virus only to Philippine victims, with whom he communicated in chat rooms, because he only wanted to steal internet access passwords that worked in his local area. However, in spring 2000 he tweaked the code, adding an auto-spreading feature that would send copies of the virus to victims' Outlook contacts using a flaw in Microsoft's Windows 95 operating system.
"It's not really a virus," wrote CmdrTaco back on May 4, 2000. "It's a trojan that proclaims its love for the recipient and requests that you open its attachment. On a first date even! It then loves you so much that it sends copies of itself to everyone in your address book and starts destroying files on your drive...
"Pine/Elm/Mutt users as always laugh maniacally as the trojan shuffles countless wasted packets over saturated backbones filling overworked SMTP servers everywhere. Sysadmins are seen weeping in the alleys."
And he says he regrets the damage his code caused. "I didn't expect it would get to the US and Europe. I was surprised," he said in an interview for Crime Dot Com, a forthcoming book on cyber-crime.
The Love Bug pandemic began on 4 May, 2000. Victims received an email attachment entitled LOVE-LETTER-FOR-YOU. It contained malicious code that would overwrite files, steal passwords, and automatically send copies of itself to all contacts in the victim's Microsoft Outlook address book. Within 24 hours, it was causing major problems across the globe, reportedly infecting 45 million machines...
He claims he initially sent the virus only to Philippine victims, with whom he communicated in chat rooms, because he only wanted to steal internet access passwords that worked in his local area. However, in spring 2000 he tweaked the code, adding an auto-spreading feature that would send copies of the virus to victims' Outlook contacts using a flaw in Microsoft's Windows 95 operating system.
"It's not really a virus," wrote CmdrTaco back on May 4, 2000. "It's a trojan that proclaims its love for the recipient and requests that you open its attachment. On a first date even! It then loves you so much that it sends copies of itself to everyone in your address book and starts destroying files on your drive...
"Pine/Elm/Mutt users as always laugh maniacally as the trojan shuffles countless wasted packets over saturated backbones filling overworked SMTP servers everywhere. Sysadmins are seen weeping in the alleys."
Re: and people still use outlook (Score:1)
Re: (Score:2)
That will fly over the heads of many in the West. Took me a moment. Good one :) Modded you Funny, hope thats OK. Oh shit Mods undone. Life is so unfair.
Re: (Score:2)
hate to miss jokes ... :/
Re: (Score:2)
Quote: would you have said outlook?
Interpretation 1: Would you have said the word 'Outlook' if a different client had been the target?
Interpretation 2: Would you have this point of view (said outlook) if a different client had been the target?
Re: (Score:2)
Re:and people still use outlook (Score:4, Funny)
The first time I fixed his computer he said he opened it because he thought it might be a picture of Anna Kournikova without her blouse on, and he wanted to see that.
I can't remember what his reason was after the second time, but I do remember him complaining about having to pay me twice.
According to Wikipedia it was in 2001, but it feels like it was last year.
Re: (Score:2)
Clueless users are the biggest problem. Sometimes it's appropriate to blame the victim.
Yeah, because when your email client automatically downloads and executes attachments without the user even clicking on them, it must be the users fault, right?
Re: (Score:2)
So what you're saying is... this? [iruntheinternet.com] (SFW)
Re: (Score:2)
Re: (Score:2)
Re:and people still use outlook (Score:4, Insightful)
In their defense, their was no much alternative to outlook at the time.
Somehow I had email back in the 1990s without ever relying on Outlook.
Re:and people still use outlook (Score:5, Insightful)
Re: (Score:2)
This! People on Slashdot assume they are a representative portion of the computer population. Honestly nothing could be further from the truth.
Re: (Score:1)
They were back then.
Re: (Score:3)
In the year 2000 I would have assumed most people's home e-mail was either part of their walled-garden "internet" package (AOL, Prodigy, Compuserve), or they used a simple pop3 mail client provided/branded by their ISP. I know you could always setup outlook to work with your ISP e-mail, but I don't remember it often being put out there as the first option and certainly not the least technical (in 2000 a not-insignificant percentage of the population couldn't figure out a 2 button mouse, setting up an accou
Re: (Score:2)
Not possible Email didn't exist until Hotmail took over the AOL monoculture.
- The non-Slashdot internet users
Re: (Score:2)
In their defense, their was no much alternative to outlook at the time.
I used PINE, but most of my friends used Mutt.
Re:and people still use outlook (Score:5, Informative)
In their defense, their was no much alternative to outlook at the time.
Eudora for Windows and Mac /2
Pegasus for DOS and Windows
PMMail for Windows and OS/2
MR/2 ICE for OS
Free Agent for Windows
Mutt for linux
All of them better then outlook at the time :-P
Re: (Score:2)
Pine, for life!
Re: (Score:2)
In their defense, their was no much alternative to outlook at the time.
There were more alternative email clients back then than there are now. The actual problem was that MS Exchange refused to work properly with any client but outlook. I know, I tried many times to use other email clients to connect to Exchange.
Why does this do so much damage? (Score:5, Interesting)
If Virus Dude was just into harvesting passwords for free Internet, why does it wreck files on host computers?
Is Virus Dude an incompetent programmer and this was a side effect, or did he add that feature because he couldn't help his malevolent self, whom he is now making excuses for?
Re: (Score:2)
Re: (Score:2)
I would guess his thought process was that he needed to prevent his targets from going online for a few days which would most likely get him kicked off the net as the oldest connection with those credentials.
Re: (Score:2)
Nothing to do with Outlook. (Score:3)
they get what they deserve, really, outlook is the real problem.
ILOVEYOU had nothing to do with Outlook. It was a VBS script executed by the OS manually after the user clicks on it (possible for any email program), and replicates itself by sending copies of itself to contacts in the Windows Address Book which was used by several email applications of its time.
Re: (Score:2)
Short memories? I remember plenty of viruses previous to the Love Bug- a good 15 years worth.
Re: (Score:1)
Yeah, I remember, We used Disinfectant. You can still get it in the suppository [macintoshrepository.org]
First? What? Hello? Internet worm. (Score:2)
Certainly pre-dating this one by a long time.
Re:Can you not read? This is the first MAJOR... (Score:4, Informative)
Re: (Score:2)
That's like saying I had a "major" production disruption yesterday because the only 3D printer in my house had a filament clog. The Morris Worm may have been major to the internet at the time, yet did very little to actually disrupt the world at large, and the only reason it made the general news at all was a certain prosecution under a new law.
Re:Can you not read? This is the first MAJOR... (Score:5, Insightful)
This is the first MAJOR....virus, not the first ever.
By the early 1990s, PC viruses were enough of an issue to support an entire industry of antivirus vendors. I'd call that major.
Re: (Score:2)
By the early 1990s, viruses were enough of an issue to support many industries of antivirus vendors, spread across the platforms - I distinctly remember having to scan Amiga floppies before using them back around 1990/1991 and that was an accepted thing *then*.
Re: (Score:2)
By the early 1990s, PC viruses were enough of an issue to support an entire industry of antivirus vendors. I'd call that major.
And yet the only ones actually wormable infected a few minor components of a very small internet and had ultimately no impact on the larger world.
The GP is right, ILOVEYOU was the first major virus that actually had an affect. It spread magically between corporate and personal IT systems, it spread itself around the world, it infected computers at a time when they were not only rising in popularity but also starting to have a serious contribution to the running of the economy (rather than being a back offic
Re: (Score:2)
No, you're just describing the first virus where mitigations didn't work.
Prior to that, billions of dollars had been spent on antivirus products, educating users about things like trading floppies, and upgrading the security of OSes and applications to be suitable for internet connections (although Microsoft in particular was late to the game on that one).
Billions of dollars is a major impact, and many pre-existing viruses would have spread equally far without those expensive countermeasures. They weren't j
No true Scotsman! (Score:5, Informative)
It wasn't even the first "major" one! Unless you very specifically conveniently define it so that it is this!
We had plenty of instances that could qualify for your useless vague word "major", both before and after this one!
I still remember viruses coming with games from shared floppy disks being a common thing!
Hell, it wasn't even a virus! It was a worm! With the major difference being, that a worm is spread manually, by people! (Let's be honest: Eternal Septemberers.)
The only thing that differed, is that now all the clueless morons were somehow allowed on the Internet without a license, and they promptly chose to make crap software dominate. From Outlook over Internet Explorer to Bonzi Buddy and TikTok!
It's pretty clear that you're one of them and shouldn't have gotten a license either.
Re:No true Scotsman! (Score:4, Informative)
The first worms i saw in the wild were TSRs in DOS, that could propogate via floppies. Particularly as we were entering a world of high density floppies these worms could invade boot sectors, executables and the like and not really be noticed. In the really old days of 180k and 360k floppies and max RAM that was often far less than. 640k you knew when something weird was eating your storage. But once we had larger storage, TSRs and extended memory, we had entered a new world. Heck I remember a couple of our PCs becoming infected with the Michaelangelo virus.
Re: (Score:2)
I remember some nasty BIOS virus that would spread via floppies, if you had (IIRC) Phoenix BIOS it would kill your motherboard dead otherwise it would just TSR and infect every other floppy. Some idiot got it on the boot floppy of the Win 95 disk set that he loaned all his friends.
Re: (Score:2)
Ah yes, I have fond memories of one of them "Stoned.d". That one was easy to remove though.
Re: (Score:2)
Most of them were pretty trivial to remove, but that in itself built us towards the arms race we're at today. By the mid-1990s there were some pretty seriously difficult viruses to remove, and the Windows driver model, never terribly secure, ended up being a pathway for rootkits, and those were demons to get rid of.
Re: (Score:3)
Hell, it wasn't even a virus! It was a worm! With the major difference being, that a worm is spread manually, by people!
That's backwards, a worm spreads automatically. [wikipedia.org] A virus has to be executed to spread.
Re: (Score:2)
Hell, it wasn't even a virus! It was a worm! With the major difference being, that a worm is spread manually, by people!
That's backwards, a worm spreads automatically. [wikipedia.org] A virus has to be executed to spread.
No that would be a trojan.. But it is getting really pedantic now. Worms and Trojans are both types of viruses.
Re:Whaaat (Score:2)
No that would be a trojan
A Trojan doesn't self-spread, it's just hidden malware. Seriously, I don't know what's wrong with you people, not knowing the definitions and pretending you do.
Re: (Score:2)
I remember what havoc the SCA and Saddam viruses caused on the Amiga. I never understood why, since most of those machines didn't have hard drives, and anyone with a lick of common sense always kept their Workbench boot disk write-protected (something I really wish you could do with modern media).
Re: (Score:2)
We had plenty of instances that could qualify for your useless vague word "major"
Alright put up, get to naming them. Criteria: Wormable. Affected more than 50 million computers. Caused more than $15billion in damages. Released prior to 2000.
If there are plenty you should be able to name them right?
If you can't. Well... I don't really need to call you ignorant again, at this point everyone already knows that.
Re: (Score:2)
Re: (Score:2)
Also, worms aren't viruses (Score:3)
You're thinking of the Morris Worm.
Worms spread by themselves. Viruses and Trojans require human interaction. Iloveyou could be classified as a virus or Trojan because it only works when the victim clicks to run the code.
The exact term which should be applied is little unclear because of the eay tye definitions work, but really Iloveyou is a trojan.
Re: (Score:2)
You're thinking of the Morris Worm.
Can't help but wonder why you didn't include a "no relation" disclaimer. Hmm...
Re: Also, worms aren't viruses (Score:2)
What? No! Worms are a form of virus.
http://www.catb.org/~esr/jargo... [catb.org]
(If you do not know this site, and what the "jargon" in the url means, please hand in your geek card.)
Viruses do not need human interaction! That's only trojans! Hence the name.
Viruses traditionally looked for other executables on the computer. Including floppy disk boot sectors and contents.
The only human action back then was carrying a floppy over, but that was only because there was no network drive or BBS, not because of the kind of ma
Re: (Score:2)
That's my memory of the distinction, but it's been long long time and definitions are pliable.
As I remember it though, viruses replicate on a computer, but require people to move them to different computers. Worms replicate themselves to new computers. Trojans don't replicate themselves and are disguised as to what they do (but often not subtle once run). Logic bombs are Trojans that act normal for a while before going off.
There's maybe something in the back of
Re: Also, worms aren't viruses (Score:4, Informative)
Trojans just pretend to be something they are not. Like a love letter or an archive of naked tennis player pictures. A virus can be a trojan and I suppose also a worm, they are not firm and mutually exclusive categories. I've worked for several AV firms since 2000 and this is hardly a new discussion. Rules are created to allow classification, sometimes they are changed.
At one point someone decided a worm was malware (ooooh new term) that didn't need to become resident in storage. I'm not sure if that stuck, I think that was around the time of Code Red. I got pretty bored with this sort of pointless meeting pretty fast. They do what they do, and they've been doing since before the first AV software came out. Obviously.
Re: (Score:2)
from that site: ... Unlike a worm, a virus cannot infect other computers without assistance
worm - A program that propagates itself over a network, reproducing itself as it goes
virus - A cracker program that searches out other programs and ‘infects’ them by embedding a copy of itself in them, so that they become Trojan horses.
Re: (Score:2)
Viruses do need human interaction to spread, insofar as a human needs to make the computer access whatever has the virus, be it by visiting a webpage, inserting a disk, of clicking an executable.
Worms propagate themselves by establishing outgoing connections to other computers or devices to find something to infect.
Basically, viruses wait for you to run into them, while worms actively search for you.
Re: (Score:2)
You're thinking of the Morris Worm.
Username checks out.
Re: (Score:2)
Re: First? What? Hello? Internet worm. (Score:2)
Re: (Score:2)
The Morris worm was a pretty big deal: https://en.wikipedia.org/wiki/... [wikipedia.org]
I remember when it ravaged the internet in the early days. I guess 20th century stuff is erased now.
Re: (Score:2)
Re: (Score:2)
My first experience with viruses was around 1990 when my computer stated "Your computer is now stoned" and wouldn't boot anymore. This was after bringing home a floppy I used in the computer lab at school. It's also when I learned to install OS's.
https://en.wikipedia.org/wiki/... [wikipedia.org]
Re: (Score:2)
I remember that one well. Was fixed by booting off a clean rescue floppy and run "sys c:"
Re: (Score:2)
It was the first Word macro virus, I believe that up to that point most malware depended on the OS for its functionality rather than using an application's hooks.
Re: (Score:2)
We had PC computer viruses that caused "major" damage by the mid 1980s. Internet connectivity was rare at the time. But they didn't need Internet connectivity, thanks to floppy sharing and even BBSs. I remember the Pakistani Brain Virus, in particular, as one that people feared; wikipedia says it hit in early 1986. PCs and their viruses were pretty widespread by the late 1980s / early 1990s.
Of course, viruses spread a lot more slowly in the pre-Internet days. So the more destructive ones would include
robert morris has an asian fetish? (Score:1)
I need a full multimedia experience in my email (Score:5, Funny)
So better load any attached image, render any HTML, and run any JavaScript and ActiveX script. I want this blinking comic sans to appear beautifully on my 16 million color display!
Re: I need a full multimedia experience in my emai (Score:2)
Ditto for websites.
I think seding somebody a video message is not any stranger than sending somebody a plain text one.
It's the point where it becomes more of an application platform, where it goes wrong.
I think it should just be data structures. Presentation and logic should be left to the user. Especially interactivity.
Servers could offer additional logic, like data query features, to avoid sending over the complete structure and database. But that's it.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
I found out about overloaded exchange servers when one of the admin assistants sent an email to everyone in the address book. It had an attachment - some flyer for a charity - and she'd scanned it in at full-res, high quality settings.
A 52MB attachment to ~500 users, some remote. The boss asked "why", and after I'd explained it to him, agreed that only selected personnel* would have access to the "All staff" mailing list. But not including his secretarial pool, one of whom was the cause of all the fuss.
* ye
Re: (Score:3)
Not just Outlook. Elf_Bowling.exe crashed our SMTP server three days running after a dingbat in the travel center forwarded it to her 45 closest friends, who then did the same. We put a filter to stop Elf_Bowling.exe, so someone was bright enough to change it to Elf-Bowl.exe the next day, and Elf.txt the next day with instructions to change the extension. By the next day pretty much everyone in the company had a copy so it finally died down.
Re: (Score:2)
Not just Outlook. Elf_Bowling.exe crashed our SMTP server three days running after a dingbat in the travel center forwarded it to her 45 closest friends, who then did the same. We put a filter to stop Elf_Bowling.exe, so someone was bright enough to change it to Elf-Bowl.exe the next day, and Elf.txt the next day with instructions to change the extension. By the next day pretty much everyone in the company had a copy so it finally died down.
This is basically the way human viruses work - keep mutating until everyone already has it, at which point transmission goes down to background radiation sort of level.
Re: Great! Let's beat the scumbag to death. (Score:2)
Hmm, just made a virus.
You are a *murderer*.
I'd say you'd be first for the beating, if I went by your "logic".
Are you kidding me?? (Score:5, Insightful)
"The first"??
Computer viruses had been spreading through the word for decades already! Antivirus software was a standard thing by then!
Next up: "September 1993 [catb.org], when AOL invented the Internet."
Reminds me of ... The Un [youtu.be].
Re: (Score:2)
"The first"??
I know reading to the end of a sentence is difficult, but you could at least read all the adjectives in front of the noun instead of cherry picking the ones you like because you feel the need to post some nonsense.
What's he doing now? (Score:1)
He's now trying to steal Microsoft Office 365 passwords [slashdot.org]
First? This does not pass (Score:1)
Just my 2 cents
Re: (Score:2)
The "stoned" virus was long before love bug (Score:2)
Legal consequences? (Score:2)
If you maliciously do that much damage, normally there are consequences. Or is he coming out now because there is a 20-year statute of limitations?
Re: (Score:1)
I imagine he's responsible for more man-hours being wasted than he has left to live, which should mean his life is forfeit. Unfortunately I'm not in charge.
Good rewrite of history (Score:5, Interesting)
I think every new generation thinks they invented everything and they forget or don't realize that a bunch of stuff came before them.
And if someone wants to quibble about what a "major, modern virus" is and they don't think that what was before counts then "Love" was only a blip. The first truly modern virus came out exactly one week after 9/11 (09/18/2001). NIMDA used a whole array of features that meant that it spread simply by highlighting it on multiple platforms. (File Explorer and in a browser!)
Re: (Score:2)
Guess that's because most slashdotters are very young now. Norton Antivirus was introduced 1991, almost 30 years ago, was a huge problem then
Re: (Score:2)
Symantec bought Norton Antivirus in the early 90s but Symantec Antivirus was quite a different product and it came about later.
Symantec Antivirus was from their purchase of the Intel LanDesk Antivirus in the late 90s and it was way WAY better than Norton. It was much lower processor overhead, better detection, much better supported, much easier to roll out, etc. Norton made lots of people mad especially with endless bloat of modules, additional programs, junkware, ad nauseam...
Re: (Score:2)
Uhhh, "major computer viruses" were common a decade earlier.
Nope. Computer viruses were common. "Major" is the adjective here people are willfully ignoring. Viruses were dime a dozen. I had plenty sitting on floppies by the mid 90s in a box that said "warning do not run" on them. None of them:
- spread like this one (infecting >50million PCs)
- came at a time when computer viruses were relevant to the economy (seriously all computers in the world could go down in the early 90s and it would barely make a blip, in 2000 the landscape was very different).
- caused $15 b
Re: (Score:2)
In 2001 "Code Red" was a the first major worm to attack Windows enterprise servers (IIS) and the technology in that was used as part
Not the first, but... (Score:2)
First? Nope. The 4096 virus shut us down in 1990 (Score:2)
Long before the plebs had a internet connection, the 4096 virus was spreading world-wide by floppy disk. We had to shut down every PC in our company and do a manual clean, one by one. I still remember laughing as I explained "computer viruses" to management - the numpties thought it could be spread through the air like a biological virus ffs.
Mutt user here... (Score:2)
To be fair, you can configure Mutt so that it can execute a trojan. But anybody using Mutt is probably far too knowledgeable to do something this abysmally stupid. (Incidentally, this abysmally stupid setting is basically the default on "modern" email clients. Go figure.)
First major virus? I think not. (Score:2)
The SCA virus was widespread through the Amiga community back in 1987-88, although it was relatively harmless as far as these things go. I still have a couple of infected floppies that boot, run, and print the message just fine on my A1000.
I guess we'll also ignore the fact that SCA appeared *years* after the first Apple II viruses had arrived on the scene.
Too malicious to be an accident (Score:2)
This virus was not only self-replicating and credential-stealing, it was actively destructive. This is like a burglar who burns your house down on the way out. This guy deserves prosecution.
Re: (Score:2)
No it wasn't
Love Letter from my boss (Score:2)
The Love Bug “computer” worm? (Score:2)
How it works, what it does [radsoft.net]
Let me guess... (Score:2)
No, the fiirst "virus author" is NSA funded at MIT (Score:1)
Look up "Robert Tappan Morris", He published the "Morris Worm", an UNIX based self replicating worm in 1988 that took down key systems around the world because he didn't understand simple math, and pulled the "get out of jail free" card of "my daddy runs the NSA" while he spent the next few days hiding his traces instead of publishing the code He's part of the "Computer Architecture Group", champions at pursuing *really bad ideas* without examining the consequences, such as Robert's "detect people in othe
Hahaha, no (Score:2)
Norton Antivirus introduced in early 1991, viruses were numerous and a huge problem already. The big one in 1986 was Brain boot sector virus that went rampant in IBM PC ecosystem. Stoned appeared a year later and was worldwide by the early 90s.